VIATEL TECHNOLOGY UK LTD

Microsoft Azure

We provide Microsoft Azure Hosting tailored to encompass any range of services from compute, storage and networking. This provides UK government organisations with on-demand, scalable public cloud resources that enable transformational digital solutions.

Features

• Support design of cloud architecture and infrastructures on Azure
• Fully redundant and resilient cloud infrastructures built on Azure
• Flexible and scalable storage, network, monitoring and backup services
• Support from industry experts for cloud implementation
• Platform as a Service – Cloud Services
• Infrastructure as a Service – Virtual Machines
• Windows Azure Websites – Web Hosting
• Proof-of-concept development
• ISO27001 accredited

Benefits

• Cost effective hosting
• Relieve IT staff from day-to-day tactical activities and improving productivity
• Flexible system configurations based on needs with automated cloud infrastructure
• Best-in-class implementation for cloud platform hosting applications

£0.01 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gerard.mccann@viatel.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

560794979054709

Contact

Gerard McCann
+447590689465
gerard.mccann@viatel.com

Service scope

• Service constraints: Exclusions from monthly fee, unless otherwise agreed, include:; Non technical issues; Hardware issues beyond basic troubleshooting; Third party software support; Training and development; Major system upgrades; Network infrastructure; Bespoke application support unless agreed; Linux, Oracle or Unix environements; Accounting Packages; Printer hardware repair; Networked copiers, fax etc unless installed by Viatel; Telephony or VOIP systems unless installed by Viatel; Equipment and packaging removal/disposal; Supply and installation of hardware; Out of hours ; Office moves; Project work; ISP outages support; Website migration and management; Work required due to customer or third party error or negligence; Full list available on request
• System requirements:
  • Azure Subscription.
  • Other system requirements depending on customer requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The service desk operates between 8am to 6pm Monday to Thursday and 8am to 5pm on Friday. Out-of-hours service, up to and including 24x365 support, is available and is customisable to customer needs to match the operating hours of the business.; ; Priority Response Target Resolution Planning Resolution Target; 1 1 hour 1 hour 4 hours; 2 2 hours 1 hour 6 hours; 3 4 hours 4 hours 8 hours; 4 8 hours 12 hours 24 hours; ; The above refers to working hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Managed Services is the umbrella name for all IT services delivered by the Viatel IT Services support teams. Currently under that umbrella the following services are available to our customers, ServiceDesk, Enterprise ServiceDesk, Dedicated Tech, Proactive Maintenance, Virtual Chief Information Officer (vCIO), Unified Endpoint Management, TAM, ServiceDesk 247, and Proactive Monitoring & Alerting. ; ; Scope and cost of service is subject to customer requirements.; ; We can provide a technical account manager and/or cloud support engineer or equivalent according to customer requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our onboarding process includes workshops with the customer to understand their current environment in greater detail and to provide recommendations on what activities, upgrades or adjustments are required in order to support the SLA requirements. These recommendations are provided in the form of a RAG report, identifying the areas requiring focus in the short, medium and long term. ; During this process we would typically conduct a site visit to facilitate environmental familiarisation. We will collect all relevant information relating to the existing environment including third party vendors and will manage communication with these vendors when required. We will also collect all relevant information regarding software system licenses/certificates and keep lifecycle track of same. ; The goal is to align the new service with your organisational requirements and operations. The scope includes the management of the processes, systems and functions to transition to us as service provider. The transition plan will schedule and coordinate the resources required to deploy the managed services within the cost, time and quality targets and provide a coherent structure for assessing the service capacity and risk profile before a new service is released. It will establish and maintain the integrity of all service assets and configurations.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Any data related to our service e.g. knowledge base articles, credentials, asset information etc will be made available to the customer.
• End-of-contract process: We understand the importance of retaining the flexibility to transition smoothly between suppliers and solutions, while ensuring continuity and quality of service. We will facilitate an effective exit arrangement and transition to provide this flexibility. We will work with customers to provide input into a comprehensive exit plan, for example, covering elements such as:; • continued provision of the services for the duration of any termination notice and, if necessary, for a transitional period afterwards; • transfer of knowledge and documentation in connection with the services provided; • reasonable assistance to customers in connection with a re-tender of all or part of the services ; • general assistance and co-operation ; Off boarding costs would typically be covered by the contract however we can appoint an exit manager to support the transition and can work with customers to scope the level of involvement required and provide an estimated cost for any work that is outside any existing contract.

Using the service

• Web browser interface: Yes
• Using the web interface: We use ConnectWise PSA as our professional services automation software tool. The tool has a customer portal that allows customers to submit and track progress of their requests. The tool also allows customers to view and pay invoices. Features are based on permissions. Users roles determine what information they have access to. Options include Tickets, Projects, Recommendations, Knowledge Base, Configurations, Report and Account. The Tickets tab for example allows the user to submit a support ticket, flag it as an emergency, view updates on recent tickets, view a record of communication, and view past tickets. Full details available on request.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: ConnectWise manage is accessed via web browser. We use ConnectWise PSA as our professional services automation software tool. The tool has a customer portal that allows customers to submit and track progress of their requests. The tool also allows customers to view and pay invoices. Features are based on permissions. Users roles determine what information they have access to. Options include Tickets, Projects, Recommendations, Knowledge Base, Configurations, Report and Account. The Tickets tab for example allows the user to submit a support ticket, flag it as an emergency, view updates on recent tickets, view a record of communication, and view past tickets. Full details available on request.
• Web interface accessibility testing: With regards Azure, Microsoft's consideration of the WCAG standard in the development of products and services points to its commitment to making technology and data accessible for all customers.; ; Microsoft publishes WCAG reports that reflect the complete product or service. It generally doesn't create reports for individual features or components. Sometimes, Microsoft might release a new component for an existing product, or a new version of an existing component, which users can choose to install separately, and Microsoft might also publish a WCAG report for that component.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Our cloud environment is readily scalable. In terms of the human resources element, engagements include a service continuity and risk management element. We identify the specific resource requirements and put a service continuity plan in place to support same. A team of resources is identified along with a well-defined back up schedule for each individual. This approach minimises the impact on the programme of any person leaving or becoming unavailable for any other reason. Cross functional training is core to ensure cover is available at all times to support service continuity.
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Typically this would be via email or phonecall from the account manager. We hold regular performance measurement and review meetings with customers to facilitate the evaluation of the resources, service and/or project. The content and structure of these meetings can vary depending on the service model and nature of the engagement or lot. Detailed reporting can be provided and discussed and an outline of activity planned for the period ahead provided. The frequency and content of, and attendees at, these meetings will be agreed during the on-boarding process to ensure they meet customer requirements.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machine Backup
  • Replication, failover, and recovery of workloads and apps
  • On premise backup
  • Database backup
  • File, folder, system state backup
  • Storage
• Backup controls: The backup policy has two components: Schedule (when to take backup) and Retention (how long to retain backup). You can define the policy based on the type of data that's being backed up, RTO/RPO requirements, operational or regulatory compliance needs and workload type (for example, VM, database, files).
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Availability on average is 99.928%.
• Approach to resilience: It's available on request.
• Outage reporting: Outages can be reported via public dashboard, API or email alerts depending on customer requirements.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: In line with ISO 27001 we have an access controls policy to protect customer data. Role based access control and periodic access audits help secure sensitive customer information e.g. credentials which are managed by dedicated applications. Any increase in user access rights are all managed by the change advisory board. Role Based Access Controls are in place for all employees, only employees operating in a service capacity have access to managed systems. Auditing is also in place to identify access requests.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NSAI
• ISO/IEC 27001 accreditation date: 7th August 2017
• What the ISO/IEC 27001 doesn’t cover: Applicable to the following areas:; Physical and cloud-based IT Systems & Networks utilised for internal business operations and delivering services to customers; Business activity related to delivering IT services and IT support, including provisioning, maintaining & supporting IT infrastructure, digital applications and IT consultation services; Business activity related to delivering software development services; Staff and assets that support this business activity both in offices and working remotely.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Azure Security Engineer
  • Azure Security Administrator
  • Fortinet Network Security
  • Fortinet Cybersecurity
  • Sonicwall Network Security

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have an ISO 27001 certified information security management system (ISMS) which helps to protect information through a centrally managed framework. The system is supported by the board of management and senior management.; ISO 27001 sets out a recommended list of 114 controls that include policies on information security. These outline our commitment that all activities are intended to be consistent with the requirements. In line with ISO 27001 we have an access controls policy to protect customer data. Role based access control and periodic access audits help secure sensitive customer information e.g. credentials which are managed by dedicated applications. Any increase in user access rights is managed by the change advisory board.; All employees are appropriately trained on our Information Security policies and kept up to; date on any additions or changes to the policies. Training is mandatory prior to receiving access to information or services.; After initial training during induction, employees; have recurring annual refresher training on current threats, as well as material changes to policy. This training is conducted by annual refresher seminars or continual reminders (such as posters, e-mail; or intranet newsletters, etc.); Senior Management are responsible for on-going policy education and training policy.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In line with ISO27001 we have a Change Advisory Board in place to support change authorisation, assessment and prioritisation. The CAB allows changes to be assessed from both a technical and a business viewpoint. Conflicts of schedule between future changes can be identified. The CAB is comprised of the Director of IT Services, the Head of Support Operations and the Support Services Manager.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: PEN Testing is completed on externally facing Viatel IP's every 2 years with the last test completed November 2022. Vulnerability scanning is performed by an independent third party (Henocon). Regular vulnerability scanning is completed every month. Any vulnerabilities identified are managed and tracked according to severity until they are closed out. A formal review is carried out every 6 months.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our Proactive Maintenance service covers the scheduled review of patching and firmware revisions on all hardware and hypervisor platform software under contract. ; It is typically performed by remote engineer services outside of normal business hours. The service aims to identify areas of concern (risks and recommendations) regarding infrastructure health (security patching/settings, firmware(s), warranties, End of Support/Life dates, etc.) and version compliance. The primary output of the review is to determine follow-up remediation actions and schedule required maintenance windows with the customer where required to ensure the environment is fully up-to-date, secure, and compliant with industry best practices and standards.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an incident management process in place to ensure incidents are reported and managed in line with our ISO27001 certification. Incidents are directed to the Director of IT Services. ; Incidents are classified as follows:; P1 High - Incident poses an immediate threat to all information processing systems which could result in criminal charges for example a network wide virus outbreak.; P2 Medium - Incident poses a threat to a number of information systems; P3 Low - Incident poses no immediate threat to information processing systems; How the customer is informed will depend on the severity of the issue

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Microsoft
• How shared infrastructure is kept separate: Data Segregation is achieved through a combination of Logical Isolation, At-Rest Data Protection and In-Transit Data Protection. ; Access Control and Privileges allows fine-grained control over access permissions. In terms of Customer Data Ownership and Access, Microsoft operations and support personel are denied access to customer data by default. Just in Time Model is used where access is granted for a support case.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Microsoft has a corporate commitment to shift to 100% supply of renewable energy by 2025. This means they will have power purchase agreements for green energy contracted for 100 percent of carbon emitting electricity consumed by all data centres, buildings, and campuses. The type of renewable energy and suppliers are determined by a number of factors, including availability of supply, proximity to operations and cost.; Microsoft tracks and reports the total energy consumed by energy source. The Microsoft 2022 environmental sustainability report is available on request and includes corporate-wide energy consumption data between 2020 – 2022.; A UK fact sheet is also available and gives further details on the local sustainability investments and datapoints in support of meeting and exceeding our commitments around carbon, water, waste, and ecosystems. Microsoft does not publish specific REF metrics on a per datacentre basis.; ISO 50001 Certificate is available on request also.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our goal is to achieve Net Zero emissions by 2050 or before. We completed a Carbon Reduction Plan in accordance with PPN 06/21 and associated guidance and reporting standard for Carbon Reduction Plans.; Emissions have been reported and recorded in accordance with the published reporting; standard for Carbon Reduction Plans and the GHG Reporting Protocol corporate standard and; uses the appropriate Government emission conversion factors for greenhouse gas company reporting.; .; Scope 1 and Scope 2 emissions have been reported in accordance with SECR requirements,; and the required subset of Scope 3 emissions have been reported in accordance with the; published reporting standard for Carbon Reduction Plans and the Corporate Value Chain; (Scope 3) Standard3; ; Carbon Reduction Projects; The following environmental management measures and projects have been completed or implemented since the 2020/21 baseline.; Service Offering Restructure:; - Roll Out of our Proactive Monitoring Service. Reduces the requirement for onsite; preventative maintenance tasks and therefore minimising carbon emissions. ; Fleet Improvements:; - Reduce the number of company vehicles; - Operational Improvements: Plan Routes and schedule customer onsite appointments carefully in order to minimise unnecessary carbon emissions; - Improve driver behaviour: Informing drivers of the impact of idle engines on carbon emissions and rewarding fuel efficiency.; Estate and Premise Improvements:; - Installation of LED Lighting in offices; - Open floor plan to allow light to flow freely and reduce the; number of bulbs required.; - Encourage all employees to keep things digital where possible; - We provide Office plants as a means to improve office air quality and improve the office environment.; Company Policy:; - Roll out of our first Carbon Reduction Plan; - Implementation of effective but flexible working policies that encourage remote working and reduce carbon emission from unnecessary travel.

  Covid-19 recovery

  When Covid-19 began, we had already set up all staff to work remotely which enabled staff to remain at work. All staff have laptops and VPN licences for connectivity. We are a cloud led business which is fundamental to our operational strategy. Our staff are still set up to work remotely.; We facilitated remote and flexible working during and after the pandemic allowing employees to balance work and the change in family care systems that was required. Social distancing was implemented where employees chose or were required to come into the office for a specific purpose. ; We have an employee assistance programme available which includes expert wellness advice, a library of wellbeing content and webinars, counselling and financial and legal information services.; Our policy has always been to attract and enable more employees to become involved in the IT sector. We support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. ; We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Tackling economic inequality

  We support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. ; ; We also offer paid Internships to IT students from local universities whereby they benefit from on the job learning and mentoring by our more senior employees. After graduating they can progress to our Graduate Programme with a learning and development programme for them to progress within the organisation. ; ; Traditionally the IT industry in Ireland is male dominated with an average of 22% female participation. We have increased female participation from 21% to 25% in past year and have a target to reach 35% by 2025. We aim to reach this by continued participation in programmes listed about and also reaching out to schools promoting IT as a career for young girls.; ; In 2022, we welcomed the opportunity to publish our gender pay gap analysis for the first time, reporting a gap of 4.3%. That was an excellent result – we compared well the national average of 11.3% and exceptionally well when compared to our peers and competitors. Our mean pay gap in 2023 has fallen from 4.3% to just 0.2%. We more eager than ever to keep building on this momentum and strive towards even more female representation at Viatel. ; ; We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Equal opportunity

  We support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. ; ; We also offer paid Internships to IT students from local universities whereby they benefit from on the job learning and mentoring by our more senior employees. After graduating they can progress to our Graduate Programme with a learning and development programme for them to progress within the organisation. ; ; Traditionally the IT industry in Ireland is male dominated with an average of 22% female participation. We have increased female participation from 21% to 25% in past year and have a target to reach 35% by 2025. We aim to reach this by continued participation in programmes listed about and also reaching out to schools promoting IT as a career for young girls.; In 2022, we welcomed the opportunity to publish our gender pay gap analysis for the first time, reporting a gap of 4.3%. That was an excellent result – we compared well the national average of 11.3% and exceptionally well when compared to our peers and competitors. Our mean pay gap in 2023 has fallen from 4.3% to just 0.2%. We more eager than ever to keep building on this momentum and strive towards even more female representation at Viatel. ; We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Wellbeing

  Viatel are compliant with all applicable employment regulations. We offer a range of employee benefits including flexible and remote working options, additional paid leave over the summer, employee pension scheme, access to health insurance and income protection and death in service benefit. Viatel employees can also avail of an Employee Assistance Programme provided by a third party provider to support them to thrive at home and at work. The programme has the following features.; Wellbeing content - a library of health and wellbeing content, a monthly newsletter and information on events on webinars via dedicated online portal.; Counselling: Access to 24/7 counselling by phone and/or face to face appointments.; Parenting Coach: Access to trained professionals over the phone for support and information on everyday parenting challenges.; Career Coach: Guidance on your career path and discussion of work related issues.; Manager Helpline: Access to a senior clinician for guidance and support on managing collegues and building a productive work culture. ; Financial and Legal Information: Access to a team of qualified financial and legal representatives for guidance on money or legal matters.; Cognitive Behavioural Therapy (CBT) : Living Life to the Full CBT online self support programme.; Critical Incident Management: Access to a rapid response service delivered by trained critical incident teams.

Pricing

• Price: £0.01 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free license trials that will include all features for one month.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gerard.mccann@viatel.com. Tell them what format you need. It will help if you say what assistive technology you use.